from the but-of-course dept

The other shoe just dropped when it comes to how the federal government illegally spies on Americans. Last summer, the details of the NSA's "backdoor searches" were revealed. This involved big collections of content and metadata (so, no, not "just metadata" as meaningless as that phrase is) that were collected under Section 702 of the FISA Amendments Act (FAA). This is part of the program that the infamous PRISM effort operates under, and which allows the NSA to collect all sorts of content, including communications to, from or about a "target" -- where a "target" can be incredibly loosely defined (i.e., it can include groups or machines or just about anything). The "backdoor searches" were a special loophole added in 2011 allowing the NSA to make use of "US person names and identifiers as query terms." In the past, it had been limited (as per the NSA's mandate) to only non-US persons.

This morning, James Clapper finally responded to a request from Senator Ron Wyden concerning the number of such backdoor searches using US identifiers that were done by various government agencies. And, surprisingly, it's redaction free. The big reveal is... that it's not just the NSA doing these searches, but the CIA and FBI as well. This is especially concerning with regards to the FBI. This means that the FBI, who does surveillance on Americans, is spying on Americans communications that were collected by the NSA and that they're doing so without anything resembling a warrant. Oh, and let's make this even worse: the FBI isn't even tracking how often it does this. It's just doing it willy nilly:

The FBI does not track how many queries it conducts using U.S. person
identifiers. The FBI is responsible for identifying and countering threats to the homeland, such
as terrorism pilots and espionage, inside the U.S. Unlike other IC agencies, because of its
domestic mission, the FBI routinely deals with information about US persons and is expected to
look for domestic connections to threats emanating from abroad, including threats involving
Section 702 non-US. person targets. To fulfill its mission and avoid missing connections within
the information lawfully in its possession, the FBI does not distinguish between U.S. and non-
U.S. persons for purposes of querying Section 702 collection. It should be noted that the FBI
does not receive all of Section 702 collection; rather, the FBI only requests and receives a
small percentage of total Section 702 collection and only for those selectors in which the
FBI has an investigative interest.

Moreover, because the FBI stores Section 702 collection in the same database as
its "traditional" FISA collection, a query of "traditional" FISA collection will also query Section
702 collection. In addition, the FBI routinely conducts queries across its databases in an effort to
locate relevant information that is already in its possession when it opens new national security
investigations and assessments. Therefore, the FBI believes the number of queries is substantial.
However, only FBI personnel trained in the Section 702 minimization procedures are able to
View any Section 702 collection that is responsive to any query.

Got that? Basically, the FBI often asks the NSA for a big chunk of data that the NSA probably shouldn't have in the first place -- including tons of Americans' communications, and the FBI gets to dump it into the same database that it is free to query. And the FBI tracks none of this, other than to say that it believes that there are a "substantial" number of such queries. This would seem to be a pretty blatant attempt to end run around the 4th Amendment, giving the FBI broad access to searching through the communications of Americans with what appears to be almost no oversight.

Yikes!

Oh, and it's not just the NSA, but the CIA as well. Remember, the CIA is not supposed to be doing any surveillance on US persons (like the NSA), but that's not what's happening at all. At least the CIA tracks some (but not all) of its abuse of backdoor searches:

In calendar year 2013, CIA conducted fewer than 1900 queries of Section 702-acquired communications using specific U.S. person identifiers as query terms or other more general query terms if they are intended to return information about a particular U.S. person. Of
that total number approximately 40% were conducted as a result of requests for
counterterrorism-related information from other U.S. intelligence agencies. Approximately 27%
of the total number are duplicative or recurring queries conducted at different times using the
same identifiers but that CIA nonetheless counts as separate queries. CIA also uses U.S. person
identifiers to conduct metadata-only queries against metadata derived from the FISA Section 702
collection. However, the CIA does not track the number of metadata-only queries using U.S.
person identifiers.

So, the CIA is doing these kinds of warrantless fishing expeditions into the communications of Americans as well, but at least the CIA tracks how often it's doing so. Of course, when it comes to metadata searches, the CIA doesn't bother. It's also a bit bizarre that the CIA is apparently carrying out a bunch of those searches for "other U.S. intelligence agencies," when the CIA should be especially limited in its ability to do these searches in the first place.

Senator Wyden has responded to these revelations by pointing out how "flawed" the oversight system is that these have been allowed:

When the FBI says it conducts a substantial number of searches and it has no idea of what the number is, it shows how flawed this system is and the consequences of inadequate oversight. This huge gap in oversight is a problem now, and will only grow as global communications systems become more interconnected. The findings transmitted to me raise questions about whether the FBI is exercising any internal controls over the use of backdoor searches including who and how many government employees can access the personal data of individual Americans. I intend to follow this up until it is fixed.

Hopefully, now you are starting to recognize what a big deal it was last week when the House of Representatives recently voted to defund the ability to do these kinds of backdoor searches. Still, much more needs to be done.

Oh, and in case you're wondering why Clapper finally 'fessed up to the FBI and CIA making use of these data to warrantlessly spy on Americans, it's worth noting that the Privacy and Civil Liberties Oversight Board (PCLOB) is expected to come out with its report on the Section 702 surveillance program on July 2nd (7/02, get it?). It seems likely that the report will discuss these backdoor searches on Americans and how other agencies besides the NSA has been involved in the practice.

Re: Re: FBI...

The NSA - which is not supposed to do any surveillance on US citizens, is capturing and searching their communications, but keeps a record of when they do it and also has a court that rubber stamps all of this, but at least gets informed.

The CIA - which is not supposed to do any domestic surveillance, is also collecting and searching US citizen communication and while they are under basically no obligation to tell anyone what they are doing, they can tell us how many of their searches have impacted US citizens.

The FIB - which is a domestic investigation agency bound by the rules that are supposed to bind US law enforcement and protect the rights of each and every US citizen - they search all kinds of domestic communications but have no oversight and cannot even come up with a number other than "a lot" in regards to the number of these illegal searches they have been doing.

So here you have it recognized. The NSA which supposedly doesn't get more than metadata is now revealed that it's everything on line; all of it.

The BS story about data not being invaded unless it's searched for is another runaround. The NSA apparently has been doing this globally as well as domestically. Change the meanings of the words so it twists the definition of a law and allows them to continue on. The crap about it's not not spying if the data isn't looked at just flew out the window.

We now have a system that can lie to the intent of what is being done. The NSA doesn't look at most of the data but instead passes it on to the FBI and CIA, I am sure with the understanding that if they find something interesting it will pick up on the data to from them.

i thought i felt a draft...

No worries

I don't see what the big deal is, not like they can use these back doors to plant evidence of a crime you didn't commit... And even if they could do that, they would never do it because they are trained individuals who had 8 hours of OJT.

No worries

I don't see what the big deal is, not like they can use these back doors to plant evidence of a crime you didn't commit... And even if they could do that, they would never do it because they are trained individuals who had 8 hours of OJT.

man, this shows that those in charge of the various agencies are not only paranoid, but lack any sort of restraint on what the do and how they do it. it also shows how those who are supposed to be ensuring that these agencies do only what they are allowed by law to do, are just as guilty. that then leads to the conclusion, surely, that those in these high-level positions need replacing asap! having people who know exactly what needs to be watched is one thing, having them break the law to do it and then be backed up by even more important people, is another!this obviously all comes from fear. what can you do though, when there is little else to fear, except fear itself? these different agencies all doing the same thing are being run by those who must actually want terrorist attacks to occur/keep occurring, simply so they can come out with the 'i told you so' statement just so they can delve even further into private citizens lives. we already know that the terrorist attacks that have been thwarted are just about non-existent, so why do they think that is? maybe because those involved are smarter than those trying to do the catching? they certainly are not going to thwart many watching everything the ordinary people do, it's just much easier to watch those who are doing nothing wrong especially when they dont know they may be suspected of doing nothing wrong! there needs an awfully shake-up in government and law enforcement before things get out of hand, people! if not, that Police State we keep fearing is coming will be here a damn site sooner!!

Foot in the door

But Mike, they're "minimizing" the surveillance on Americans. So let's say the FBI wants to spy on ALL the judges in US. But then, the good guys at FBI are like "hey - that's not right! We can't just spy on all judges... We need to minimize that - say, only 50 judges per year. So choose wisely!".

Backdoors everywhere! The US promises countries like Germany that their WHARPDRIVE fiber-optic cable taps won't be used to spy on German citizens. Then uses it's WHARPDRIVE taps in Denmark to spy on Germany.

So too does the NSA, CIA, and FBI circumvent the law by sharing information amongst themselves. Then proceed to claim that it's not their agency spying on US citizens, and everything they do is within the legal framework of constitutional law.

The words of governmental agencies and representatives have become so twisted and misleading. That their statements carry little more weight than a flat-out lie.

Let's see:1. Increasing disregard of the Constitution2. Increasing disregard of citizen's and State's rights.3. Increasing militarization of local police forces.4. Training that teaches said local police forces to oppress said citizens.

Another day at the office

They have been doing this for decades! Common knowledge, often commented upon, then forgotten. DOJ always MIA.

Congress, during the Bushco Gang's administration, even passed laws authorizing what would otherwise have been criminal activities in the interest of research (false flag ops, violence, PsyOps, you name it).

Paranioid much?

"CIA is doing these kinds of warrantless fishing expeditions"

AKA "analysis." A fishing expedition would be randomly checking content in the hopes of finding something. 1900 requests to the court in a year doesn't sound like that -- it sounds like highly targeted analysis, with requests based on information collected elsewhere to point towards certain suspects. You people have zero evidence of abuse, just the typical paranoia rampant in the tech community.

I agree the FBI needs more watching -- as does the IRS and any other agency with enforcement powers. But still, get a life people.